MX95 WAN CONNECTION BEST PRACTICE

Solved
Mazide
Here to help

MX95 WAN CONNECTION BEST PRACTICE

Hello everyone,

I'm seeking advice on best practices to set up a robust network at our branch office to minimize downtime.

Here's our current setup:

  • We have two separate internet connections from 2 different providers.
  • Each internet connection terminates on a separate port on our MS120 switch.
  • Each MX95 device is connected to the MS120 switch via a separate port.
  • Additionally, each MX device has two links to the LAN.

Could anyone advise on the best configuration practices using these components to ensure reliable connectivity and seamless failover? Any insights or recommendations would be greatly appreciated.

Thank you!

a6765beb-e77b-4775-b81c-064d521c793b.jpg

1 Accepted Solution
KarstenI
Kind of a big deal
Kind of a big deal

 

This is what I do in these situations:

5-Dual-MX-2-ISP-2-1024x374.jpg

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

View solution in original post

6 Replies 6
GIdenJoe
Kind of a big deal
Kind of a big deal

If at all possible if both ISP's use devices (routers or modems) with multiple ports try to connect your MX devices directly.
If this is not possible due to remote location you can use switches to split the connection.

I recommend using a separate switch for each ISP.  Or separate switches in a stack where ISP 1 with both MX WAN-1 ports is on one switch and the other ISP router with both MX'es is on the second switch.  This way if one switch dies or needs to go into service you don't lose both ISP's at the same time.

Due to client tracking issues it might be a good idea to use non Meraki switches or Meraki switches in a different dashboard network so the WAN IP's don't mix and have some adverse effects on your clients page.

Mazide
Here to help

I like the idea of using a separate switch for each ISP with non meraki switches.

Do you recommend having a direct link between the two MX devices for the HA ?

 

Yes, we do have that effect on the client dashboard with public IPs.

 

Thank you for your advice.

PhilipDAth
Kind of a big deal
Kind of a big deal

I would not run a direct link between the MXs, as it can cause spanning tree issues.

 

If you can't buy a second switch, you can also just run the secondary ISP into WAN2 on the primary MX.

rhbirkelund
Kind of a big deal
Kind of a big deal

I tend to keep the ISP/WAN switches in a dedicated Network, outside of the site's network. Otherwise, the Application Visibility has a tendency to show skewed data.

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
KarstenI
Kind of a big deal
Kind of a big deal

 

This is what I do in these situations:

5-Dual-MX-2-ISP-2-1024x374.jpg

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Mazide
Here to help

 

Thank you Karstenl for sharing this.

 

I particularly like Option 6: Two MX, two ISPs (4), which ensures that there is a backup for each component (FAI, Switch and MX)

 

 

Pros:
- redundancy and reliability.
- minimum single point of failure.

 

Cons:
- Requires physical intervention if a switch fails, as the ISP connection needs to be moved manually from the damaged switch to the working one.
- Having two links from the ISP is not common and may not be feasible for all setups.

 

Despite these potential drawbacks, I believe the added redundancy makes this option the best choice.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels